Waterfall and NanoLock collaborate to protect critical infrastructure

A new Israeli cooperation in the critical infrastructures’ cyber defense.  Waterfall Security Company and NanoLock Company announced a new cooperation of offering a combined solution for energy & critical infrastructures companies. According to the companies, the synergy between the solutions will provide tighter and more holistic protection to the various layers of operation and production systems against different cyber scenarios. 

Waterfall’s solution is located in the communication interface between the IT systems and the operation & production systems, and creates a unidirectional buffer that prevents cyber intrusions from outside the system. NanoLock’s solution is installed at the device level, providing protection to connected edge devices, such as industrial controllers and sensors. At this level, the solution prevents maliciously or accidentally unauthorized code alterations, whether by employees or outsiders.

Yanir Laubshtein, NanoLock’s VP Cyber Solutions, explains the technological and business rationality behind the cooperation: “Waterfall creates separation between the production infrastructure and the internet, while we provide protection at the controller or sensor level. Since technicians or vendors might have occasional access to the edge-devices, such as for maintenance – it is important to fully protect them. Our solution allow for using the edge-devices for telemetry only, and block any unauthorized attempts to alter their definitions. This is not only malicious attacks protection, but also human errors that might cause faults and harm the operational flow. Nowadays, critical infrastructure plants are subject to tighter regulation requirements. Also, the latter attacks wave increased the industry’s awareness to cyber protection solutions”. 

Two concepts of IIoT cyber security

Founded in 2016, NanoLock’s solution provides device level protection for IoT and industrial equipment, with minimal power, processing and memory footprint, and is therefore particularly suitable for IoT devices with limited processing resources and scant battery power such as smart meters in the gas, water and electricity industries.

Founded at 2008, Waterfall has developed a unidirectional cyber solution, consists of both hardware and software, which offers bulletproof protection for operational networks (OT) in industrial facilities against remote cyber attacks. The hardware component is installed between the operational network (OT) and the external network (IT). A single one direction optical fiber connects the two, thus creates a Unidirectional Security Gateway allowing data to move only outward but not into the industrial network itself. This hardware creates a physical barrier that isolates the network. When a user uses the analytics systems, he does so in a replicated cloud.

NanoLock will secure millions of smart meters in Italy

The Israeli cybersecurity company NanoLock, which developed a cyber protection solution for smart meters, IoT and edge devices, announced a commercial partnership with the Italian IT company Atlantica and its subsidiary Atlantic Cybernext, to offer managed security service, based on NanoLock technology, to protect tens of millions of smart meters and connected devices for leading utilities and industrial companies in Italy and throughout Europe.

Operating primarily in Europe, Atlantica Digital is currently managing over 13 million smart meters, in addition to smart lighting and industrial devices. Atlantica Cybernext, the sister company of Atlantica Digital, has created a next generation Security Operations Center (SOC), which includes the NanoLock-enabled managed security service, to help protecting their business and infrastructure. The new service from Atlantica and NanoLock will be commercially available in Q2 2021, with a potential value of 8.000.000 euros of income by 2023.

The cyber risks of smart grids

Founded in 2016, NanoLock’s solution provides device level protection for IoT and industrial equipment, with minimal power, processing and memory footprint, and is therefore particularly suitable for IoT devices with limited processing resources and scant battery power such as smart meters in the gas, water and electricity industries. NanoLock is working with major utilities, industrial companies, and large ecosystem partners in Japan, Spain, Switzerland, Singapore, Netherlands, the U.S.¸ and Israel.

Driven by rising emissions¸ energy resource constraints and outdated infrastructure¸ the global smart meter market is growing in demand. But this trend also poses major risks. Smart meters can be manipulated by hackers, that by altering the device reading are frauduently lowering their electricity bill. Northeast Group estimated in a report dated a few years ago that the total losses arise from electricity theft amounts to about $ 96 billion globally a year. Smart meter can also be used as an access point for hackers into the grid itself and put the entire grid at risk.

Last month NanoLock has announced a strategic collaboration with Genus Power Infrastructures, the largest electricity infrastructure company in India and the leading smart meters manufacturer in the country. As part of the collaboration, Nanolock’s solution will be integrated into GPI’s smart meters and will provide protection against power fraud and cyber attacks on the grid.

NanoLock will secure tens of millions of smart meters in India

The israeli industrial cyber security company NanoLock has announced a strategic collaboration with Genus Power Infrastructures, the largest electricity infrastructure company in India. The Indian electricity market has been undergoing in recent years a rapid transition into smart grids and the use of smart meters, and GPI is the leading smart meters manufacturer in the country. As part of the collaboration, Nanolock’s solution will be integrated into GPI’s smart meters and will provide protection against power fraud and cyber attacks on the grid.

The collaboration with GPI may lead to the deployment of tens of millions of smart meters equipped with the Nanolock solution. GPI is the main supplier of smart meters to India’s largest electricity company, EESL, which recently announced an ambitious plan to deploy some 240 million smart meters across the country by 2023. It is estimated that GPI will supply EESL with at least 50% of all meters. In August, GPI announced that it had already supplied EESL with about 1.5 million smart meters, and it produces 10 million smart meters a year.

Founded in 2016, NanoLock’s solution provides device level protection for IoT and industrial equipment, with minimal power, processing and memory footprint, and is therefore particularly suitable for IoT devices with limited processing resources and scant battery power such as smart meters in the gas, water and electricity industries.

NanoLock’s CEO Eran Fein told Techtime: “Our solution sits between the Flash memory and the CPU, where all the device settings are located. It blocks any attempt to alter critical settings and write to the memory, and reports any such incident to the server.” NanoLock is working with major utilities, industrial companies, and large ecosystem partners in Japan, Spain, Switzerland, Singapore, Netherlands, the U.S.¸ and Israel.

Power outage during a religious festival

Driven by rising emissions¸ energy resource constraints and outdated infrastructure¸ the global smart meter market is growing in demand. “The smart meter market is booming¸ but so too are the potential cyberthreats. Utilities and smart city solutions providers are confronting new attacks all the time and any connected device could be the entry point for attackers.”

Smart meters can be manipulated by hackers, that by altering the device reading are frauduently lowering their electricity bill. Northeast Group estimated in a report dated a few years ago that the total losses arise from electricity theft amounts to about $ 96 billion globally a year.

Smart meters vulnerabilities can also put the entire power grid at risk. In August, during an Hindu holiday, power outage affected some 300,000 households in the Uttar Pradesh state in India for several hours. An inspection by the authorities revealed that the fault was due to an error made by a technician who tried to change the settings in one of the smart meters, causing a chain reaction that distrupted the entire grid.

Fein claims Nanolock’s solution provides protection not only from intentional electricity scams but also from wrong doing by employees with access. “It was a wake-up call for the electricity market in India and exemplified the importance of cyber security. Our solution could have prevented this glitch.”

NanoLock and Micron Co-developed Flash Security

NanoLock Security and Micron Technology, will be demonstrating a Flash-to-Cloud management solution for security in Internet of Things (IoT) and connected devices. The combined solution provides secure updates and protection of IoT devices with Micron’s Authenta Technology embedded in flash memory devices. The combination of NanoLock Security’s platform with Authenta, enable strong Flash-to-Cloud integrity and protection from the production line to field deployment, and after the device’s end of life, while consuming virtually zero computing and power resources.

“This emphasizes the universal need for trusted management with enhanced security in IoT devices,” said Yoni Kahana, VP of customers for NanoLock. “A secure channel between end devices and the cloud, and the ability to seamlessly manage that channel simplifies IoT deployments and simultaneously provides a revenue stream for customers.” The demonstration will take place at Mobile World Congress 2019 in Barcelona.

At electronica 2018 in Munich, NanoLock and Winbond demonstrated end-to-end security solution to IoT devices such as automotive ECUs/MCUs, cameras, ICS solutions and routers. The OS/CPU agnostic solution guarantees flash-to-cloud integrity and mutual protection during regular operations and firmware-over-the-air (FOTA) updates.

NanoLocks MoT (Management of Things) platform updates, controls and monitors connected devices, while its FOTALock Management platform secures the FOTA (Firmware Over the Air) updates. The company was founded in 2016 by seasoned industry executives. Among them the CEO Eran Fine, previously the Founder and CEO of OREE which was sold to Diogano.  Erez Kreiner¸ co-founder and Senior Cyber Advisor of NanoLock, served as Director of Israel’s National Cyber Security Authority for more than five years. In this role he was was responsible for preventing cyber-attacks on Israel’s critical infrastructures and assets.